On January 6, HHS’ Office for Civil Rights published a Notice of Proposed Rulemaking titled “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health Information.” Wes Morris, Senior Director of Consulting Services, Clearwater, speaks with Jennifer Kreick, Partner, Haynes and Boone LLP, and Thomas Tanabe, Associate, Haynes and Boone LLP, about the proposed updates to the HIPAA Security Rule and the practical impacts for health care organizations. They discuss what is driving these proposed updates and issues related to “required” and “addressable” specifications, sanctions, technology asset inventories and network maps, risk analysis, business associates, and costs and timeline related to implementation. Jennifer and Thomas recently authored an AHLA Bulletin on this topic.
Compromised passwords remain a leading entry point for cyberattacks. But how can healthcare organizations enhance digital identity and authentication without slowing down critical access to systems and data?